Talari, Nuage Platforms Connect Offices in Multicloud Environments

Today’s topics include Talari and Nuage taking SD-WAN connectivity to the multicloud, and Cloudflare announcing its Roughtime authenticated time service.

Talari Networks and Nokia’s Nuage Networks last week both unveiled offerings designed to make it easier for enterprises to connect their branch office and remote site offices in multicloud environments.

According to Talari co-founder and Chief Marketing Officer Andy Gottlieb, “While most SD-WAN offerings provide some value in providing access to cloud services and [software as a service], almost all prior approaches face significant challenges in meeting real-time enterprise business requirements.”

Talari’s Cloud Connect multi-tenant platform ensures that customers get high performance, reliability and user experience when accessing public cloud and SaaS services. Meanwhile, the latest version of Nuage’s Virtualized Network Services platform creates a single management interface for delivering IT services across enterprise branch sites, data centers, public cloud services and SaaS provider clouds.

On Sept. 21, Cloudflare announced the deployment of a new authenticated time service called Roughtime, which is based on an open-source project of the same name that was started by Google.

Google's project page for Roughtime states, "Most computers will trust an unauthenticated NTP reply to set the system clock meaning that a man-in-the-middle attacker can control a victim’s clock and, probably, violate … security properties of … protocols."

Roughtime is a UDP-based protocol that benefits from cryptographic protection to help maintain integrity and limit the risk of man-in-the-middle attacks. In addition, the Roughtime protocol includes measures to help protect it from being used as an amplifier for distributed denial-of-service attacks.

Cloudflare intends to use its Roughtime service to help validate the proper expiration date of SSL/TLS certificates. Without the ability to properly verify time, an attacker could trick a user or server into accepting a certificate that has already expired.